[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: MacOS 9.2, Internet Explorer, Local Vulnerability
From: Neeko Oni <neeko () haackey ! com>
Date: 2001-10-31 17:48:05
[Download RAW message or body]
Vulnerability:
Access controls can be evaded on MacOS9.2 using Internet Explorer,
allowing users to execute programs they otherwise would not be
able to run.
Details:
While in the college media lab I attempted to run MacSSH to get
onto my home desktop, I received an error message telling me I
did not have access to run said program. By launching Internet
Explorer 5 Macintosh Edition, and creating a 'ssh' helper application
(with MacSSH as the helper application), I was able to execute MacSSH
without problem. I was logged in under a general student account
(not Admin). This has been tested with applications other than MacSSH.
Tested System: MacOS9.2.1 on an iMac with Internet Explorer.
If this is a known vulnerability, I apologize for the wasted bandwidth.
It's dead simple, but could be used maliciously, quite obviously.
.Neeko Oni. [10.31.01] Happy Halloween.
(neekooni@yahoo.com)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic